values.yaml

hostname: bigbang.dev

# Toggle sourcing from external repos
# TODO: All this does right now is toggle GitRepositories, it is _not_ fully functional
offline: false

# Regisitires can be an explicit map of registries as provided here
registryCredentials:
  registry: registry1.dso.mil
  username: ""
  password: ""
  email: ""

# Or a list of registires:
# registryCredentials:
# - registry: registry.dso.mil
#   username: user.name
#   password: user-secret
#   email: xxx@xxx.xxx
# - registry: registry1.dso.mil
#   username: user.name
#   password: user-secret
#   email: xxx@xxx.xxx
# - registry: registry.example.com
#   username: user.name
#   password: user-secret
#   email: xxx@xxx.xxx

# Global git values
# Order of precedence is:
#   1. existingSecret
#   2. http credentials (username/password)
#   3. ssh credentials (privateKey/publicKey/knownHosts)
git:
  # Existing secret to use for git credentials, must be in the appropriate format: https://toolkit.fluxcd.io/components/source/gitrepositories/#https-authentication
  existingSecret: ""

  # Chart created secrets with user defined values
  credentials:
    # HTTP git credentials, both username and password must be provided
    username: ""
    password: ""

    # SSH git credentials, privateKey, publicKey, and knownHosts must be provided
    privateKey: ""
    publicKey: ""
    knownHosts: ""

# Gloabl SSO parameters
sso:
  oidc:
    host: login.dso.mil
    realm: baby-yoda
  certificate_authority: ''
  jwks: ""
  client_id: ""
  client_secret: ""

# Flux reconciliation parameters
flux:
  interval: 2m
  install:
    retries: 3
  upgrade:
    retries: 3
  rollback:
    timeout: 10m
    cleanupOnFail: true

# ----------------------------------------------------------------------------------------------------------------------
# Istio
#
istio:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git
    path: "./chart"
    tag: "1.7.3-bb.7"
  ingress:
    key: ""
    cert: ""
  sso:
    enabled: false
    kiali:
      client_id: kiali
      client_secret: "change_me"
    jaeger:
      client_id: jaeger
      client_secret: "change_me"
  values: {}

istiooperator:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git
    path: "./chart"
    tag: "1.7.0-bb.1"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

# ----------------------------------------------------------------------------------------------------------------------
# Cluster Auditor
#
clusterAuditor:
  enabled: true
  git: 
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/cluster-auditor.git
    path: "./chart"
    tag: "0.1.8-bb.1"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

# ----------------------------------------------------------------------------------------------------------------------
# OPA Gatekeeper
#
gatekeeper:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/policy.git
    path: "./chart"
    tag: "3.1.2-bb.3"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

# ----------------------------------------------------------------------------------------------------------------------
# Logging
#
logging:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/elasticsearch-kibana.git
    path: "./chart"
    tag: "0.1.3-bb.1"
  values: {}

eckoperator:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/eck-operator.git
    path: "./chart"
    tag: "1.3.0-bb.3"
  values: {}

fluentbit:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/fluentbit.git
    path: "./chart"
    tag: "0.1.0-bb.1"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

# ----------------------------------------------------------------------------------------------------------------------
# Monitoring
#
monitoring:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git
    path: "./chart"
    tag: "11.0.0-bb.10"
  sso:
    enabled: false
    prometheus:
      client_id: prometheus
      client_secret: "change_me"
    alertmanager:
      client_id: alertmanager
      client_secret: "change_me"
    grafana:
      client_id: grafana
      client_secret: "change_me"
      scopes: ""
      allow_sign_up: "true"
      role_attribute_path: "Viewer"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

# ----------------------------------------------------------------------------------------------------------------------
# Twistlock
#
twistlock:
  enabled: true
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git
    path: "./chart"
    tag: "0.0.2-bb.1"
  values: {}
# ----------------------------------------------------------------------------------------------------------------------

addons:
  argocd:
    enabled: false
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd.git
      path: "./chart"
      tag: "2.9.5-bb.4"
    values: {}

  authservice:
    # if enabling authservice, a filter needs to be provided by either enabling
    # sso for monitoring or istio, or manually adding a filter chain in the values here:
    # values:
    #   chain:
    #     minimal:
    #       callback_uri: "https://somecallback"
    enabled: false
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/authservice.git
      path: "./chart"
      tag: "0.1.6-bb.1"
    # Dont put chain configuraitons in this section
    values: {}
    # Put additional chain configuration in this section
    chains: {}

  gitlab:
    enabled: false
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/gitlab.git
      path: "./chart"
      tag: "4.2.0-bb.1"

  haproxy:
    enabled: false
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/haproxy.git
      path: "./chart"
      tag: 1.1.2-bb.0
    values: {}